Dave,
As you know, SpamAssassin's job isn't to decide if a message "is
authorized" or "is not authorized". Rather, SpamAssassin's job is to
decide if a message "is spam" or "is not spam". To perform its
function, SpamAssassin uses heuristics.
The purpose of mailsig isn't to decide "is spam" or "is not spam", but
rather to decide "is authorized" or "is not authorized".
With that in mind, I don't see arguments against SpamAssassin's use of
heuristics apply to mailsig -- I don't believe anyone is proposing or
suggesting that mailsig use heuristics. The fact that SpamAssassin
does so, in order to perform an additional function, is necessary
because of the additional function that SpamAssassin performs.
-d
On Nov 28, 2004, at 4:57 PM, Dave Crocker wrote:
Justin,
'Con: Does copying [IIM's "copy protected headers" concept]
really
increase protection?'
I would like to note that this is, indeed, *ideal* for us in
SpamAssassin;
it lets us adopt new heuristics to deal with moderately-broken
gateways
like old, unupgraded Mailman mailing list managers. Detecting
Subject
Mostly, my reaction is that you are actually describing badness, not
goodness.
Let me explain why: When standards do things to encourage heuristics,
the utility of the service becomes more and more a question of
stochastics. That means that there is no real reliability to whether
things will work. People do whatever they feel like and recipients
are left trying to guess what the sender chose.
Heuristics make sense when there are no standards. But the purpose of
a standard is to define precise, predictable behaviors, and that means
constraints.
line modification, where such modification is mailing-list-style
subject-tag prepending, is very easy in this case.
So, in my opinion, "copy protected headers" does increase
protection, by
allowing verifiers to "rescue" some mails from becoming false
positives
when rewritten by to nonconformant gateways -- and in that case, not
having to apply a blanket exemption for list-gated messages that
fail the
signature check.
And this is why it is increasingly clear to me that we should not be
trying to make the mechanism be robust against intermediaries that
make arbitrary changes. Ultimately, that's an arms race. The
intermediaries do more and more arbitrary stuff and we do more and
more to try to guess how to protect against it.
That's not standards work. It's something else.
d/
--
Dave Crocker
Brandenburg InternetWorking
+1.408.246.8253
dcrocker a t ...
www.brandenburg.com